Security providers

You can configure the framework server to use either Basic security or LDAP security as Form Login in combination with SAML or IWA Single Sign-On authentication which is an optional feature.

In the case of basic security , the security schema is stored in the framework server database. In the case of LDAP security , it is stored in an external LDAP repository (not supplied).

Framework can be configured as Service Provider and authenticate against a Identifier Providers for Single Sign-On operation based on SAML 2.0.

In the case of Single Sign-On for Integrated Windows Authentication the framework can be set for SPNEGO / Kerberos protocols.

There are multiple spring security context configurations available to be set in the framework property.

Here's the default security context file in %MV_HOME%/bin/rapiddeploy.properties.

#-----------------------------------------------
# Spring Security Context
#-----------------------------------------------
rapiddeploy.security.context.filename=applicationContext-security.xml
#-----------------------------------------------

The default context file does not include Single Sign-On feature configuration.

#-----------------------------------------------
# External Authentication configuration 
#-----------------------------------------------
rapiddeploy.security.authentication.add.new.user=true
rapiddeploy.security.authentication.username.regexValue=.*
#-----------------------------------------------
  • rapiddeploy.security.authentication.add.new.user* This configuration is for enable / disable the addition feature of a new user when an external authentication method is configured like LDAP or SSO. By default the value is true.
  • rapiddeploy.security.authentication.username.regexValue* This is the regular expression value for used ID extraction from the original ID. This is useful when the user ID retrieved by a SSO service is "jdoe@server" and the real username should be "jdoe". By default the regex value is ".*" which matches and uses the entire user ID as username. For SSO authentication, example value: ^[\w._%+-]+
    #-------------------------------------------------
    # Security Defaults
    #-----------------------------------------------
    security.default.groups.name=unknown
    security.default.groups.desc=Unknown
    security.default.users.username=unknown
    security.default.users.firstname=Unkown
    security.default.users.lastname=Unkown
    security.default.users.desc=Unkown
    security.default.users.email=notknown@rapiddeploy.com
    #-------------------------------------------------

    These values are used as default fields for new users and/or groups automatically created on first successfully login.

    External Links:

  • Spring Security SAML Extension
  • Spring Security Kerberos / SPNEGO Extension